SOX ITGC Senior Program Manager

About The Position

Requirements

• Bachelor's degree in Information Technology, Information Security, Cybersecurity or related field and/or equivalent experience
• 8+ years of progressive experience in IT compliance, audit, or risk management with demonstrated ownership of SOX ITGC frameworks and remediation programs.
• Proven experience designing and implementing ITGC programs or frameworks.
• Proven ability to translate regulatory controls into actionable IT processes that scale.
• Deep understanding of SOX requirements, ITGC domains, and control testing methodologies.
• Strong project management and organizational skills; ability to manage multiple priorities in a fast-paced environment.
• Experience developing Audit Committee and Board of Directors level status updates and reports
• Experience presenting and communicating with Executive Leadership and Audit Committees
• Excellent communication and interpersonal skills; ability to influence and collaborate across departments.
• Strong analytical and problem-solving skills.
• Applicants must be legally authorized to work in the U.S. without requiring employer sponsorship now or in the future.

Nice To Haves

• Experience with implementing or optimizing audit tools, GRC platforms (e.g., Vanta, Workiva), and ERP systems is a plus.
• Professional certifications (CISA, CRISC, CISSP, CPA) strongly preferred — or equivalent experience demonstrating mastery of IT control frameworks.

Responsibilities

• Lead end-to-end SOX scoping, risk assessment, and annual planning across all in-scope systems, applications and infrastructure.
• Develop and maintain comprehensive documentation, policies, procedures, and control matrices.
• Identify, assess, and document ITGCs across in-scope systems and processes (e.g., access controls, change management, data backup, system development lifecycle).
• Own the testing calendar and coordinate walkthroughs, evidence collection and remediation cycles.
• Serve as the primary liaison between IT, Internal Audit and external audit during walkthroughs, testing and issue resolution.
• Coordinate with Internal Audit and External Audit to align ITGC testing, evidence collection, and remediation activities.
• Monitor control effectiveness, drive continuous improvement and identify opportunities to automate manual controls to improve efficiency and reliability
• Ensure controls are scalable and aligned with business growth and system changes.
• Partner with Internal Audit, Finance, and other business units to align ITGC efforts with broader SOX compliance initiatives.
• Analyze control deficiencies, assess risk impact, and lead remediation planning and execution.
• Assess and document the impact of new systems, technology changes, and acquisitions on SOX scope
• Coordinate with Internal Audit to develop/update and deliver SOX ITGC training to IT staff and stakeholders on SOX ITGC requirements and responsibilities.
• Provide ongoing coaching and guidance on ITGCs to ITGC control stakeholders.
• Promote a culture of SOX ITGC compliance and accountability across the organization.
• Provide Executive Leadership and Internal Audit with regular program status updates, remediation progress, risk exposure assessments and control environment health metrics.
• Stay current with changes in regulatory requirements and industry trends and adjust compliance programs accordingly.

Benefits

• medical
• dental
• vision
• basic life and disability insurance
• 401(k) plan
• vacation
• sick and holiday pay